From: "Wu, Hao A" <hao.a.wu@intel.com>
To: Heyi Guo <heyi.guo@linaro.org>,
"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Cc: "Ye, Ting" <ting.ye@intel.com>,
"Gao, Liming" <liming.gao@intel.com>,
"Wu, Jiaxin" <jiaxin.wu@intel.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>,
"Kinney, Michael D" <michael.d.kinney@intel.com>,
"Fu, Siyuan" <siyuan.fu@intel.com>
Subject: Re: [PATCH 0/6] Refine code logics to prevent possible mis-reports by static code checkers
Date: Tue, 20 Dec 2016 08:14:54 +0000 [thread overview]
Message-ID: <B80AF82E9BFB8E4FBD8C89DA810C6A0931C5A1AC@SHSMSX104.ccr.corp.intel.com> (raw)
In-Reply-To: <4f73905a-ab73-4fe9-5bf9-beac154da7c5@linaro.org>
Hi Heyi,
For the warnings reported by the static checkers you mentioned, could you
help to analyze those issues and find out if there are real issues exist?
If there are real code issues, I think you can report them to Bugzilla
with the appropriate classification (e.g. Security or Not Security
Related).
Thanks in advance.
Best Regards,
Hao Wu
> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Heyi
> Guo
> Sent: Sunday, December 18, 2016 11:04 AM
> To: Wu, Hao A; edk2-devel@lists.01.org
> Cc: Ye, Ting; Gao, Liming; Wu, Jiaxin; Yao, Jiewen; Kinney, Michael D; Fu, Siyuan
> Subject: Re: [edk2] [PATCH 0/6] Refine code logics to prevent possible mis-
> reports by static code checkers
>
> Hi Hao,
>
> May I ask which static code checkers you are using?
>
> We are using Coverity and Fortify checkers, and there are hundreds of
> warnings reported. Do you have a plan to analyze and fix (some may be
> not real errors) the warnings from these two checkers?
>
> Thanks and regards,
>
> Heyi
>
> 在 12/14/2016 7:26 PM, Hao Wu 写道:
> > The series refines the loop logic (e.g. for, while) of some functions to
> > be more straightforward. This will help to prevent some possible
> > mis-reports by static code checkers
> >
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Fu Siyuan <siyuan.fu@intel.com>
> > Cc: Ye Ting <ting.ye@intel.com>
> > Cc: Wu Jiaxin <jiaxin.wu@intel.com>
> >
> > Hao Wu (6):
> > MdePkg/BaseLib: Refine (Ascii)StrnLenS functions logic
> > MdePkg/BaseLib: Add an additional check within (Ascii)StrnCmp
> > MdePkg/MemoryLib: Refine InternalMemSetMem16|32|64 functions logic
> > MdeModulePkg/DxeNetLib: Rewrite NetblockChecksum function logic
> > MdeModulePkg/UefiPxeBcDxe: Refine the CvtNum function logic
> > NetworkPkg: Refine UintnToAscDecWithFormat functions logic
> >
> > MdeModulePkg/Library/DxeNetLib/NetBuffer.c | 16 ++++++++--------
> > .../Universal/Network/UefiPxeBcDxe/PxeBcSupport.c | 5 ++---
> > MdePkg/Library/BaseLib/SafeString.c | 16 ++++++++++++----
> > MdePkg/Library/BaseLib/String.c | 4 +++-
> > MdePkg/Library/BaseMemoryLib/MemLibGeneric.c | 18 +++++++++--
> -------
> > MdePkg/Library/PeiMemoryLib/MemLibGeneric.c | 18 +++++++++----
> -----
> > MdePkg/Library/UefiMemoryLib/MemLibGeneric.c | 18 +++++++++---
> ------
> > NetworkPkg/HttpBootDxe/HttpBootSupport.c | 5 ++---
> > NetworkPkg/UefiPxeBcDxe/PxeBcSupport.c | 5 ++---
> > 9 files changed, 56 insertions(+), 49 deletions(-)
> >
>
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
prev parent reply other threads:[~2016-12-20 8:14 UTC|newest]
Thread overview: 22+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-12-14 11:26 [PATCH 0/6] Refine code logics to prevent possible mis-reports by static code checkers Hao Wu
2016-12-14 11:26 ` [PATCH 1/6] MdePkg/BaseLib: Refine (Ascii)StrnLenS functions logic Hao Wu
2016-12-15 23:54 ` Kinney, Michael D
2016-12-16 3:21 ` Wu, Hao A
2016-12-14 11:26 ` [PATCH 2/6] MdePkg/BaseLib: Add an additional check within (Ascii)StrnCmp Hao Wu
2016-12-15 23:54 ` Kinney, Michael D
2016-12-14 11:26 ` [PATCH 3/6] MdePkg/MemoryLib: Refine InternalMemSetMem16|32|64 functions logic Hao Wu
2016-12-15 23:55 ` Kinney, Michael D
2016-12-14 11:26 ` [PATCH 4/6] MdeModulePkg/DxeNetLib: Rewrite NetblockChecksum function logic Hao Wu
2016-12-15 2:45 ` Fu, Siyuan
2016-12-15 7:41 ` Ye, Ting
2016-12-15 7:51 ` Wu, Jiaxin
2016-12-14 11:26 ` [PATCH 5/6] MdeModulePkg/UefiPxeBcDxe: Refine the CvtNum " Hao Wu
2016-12-15 2:47 ` Fu, Siyuan
2016-12-15 7:33 ` Ye, Ting
2016-12-15 7:51 ` Wu, Jiaxin
2016-12-14 11:26 ` [PATCH 6/6] NetworkPkg: Refine UintnToAscDecWithFormat functions logic Hao Wu
2016-12-15 2:47 ` Fu, Siyuan
2016-12-15 7:32 ` Ye, Ting
2016-12-15 7:52 ` Wu, Jiaxin
2016-12-18 3:04 ` [PATCH 0/6] Refine code logics to prevent possible mis-reports by static code checkers Heyi Guo
2016-12-20 8:14 ` Wu, Hao A [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=B80AF82E9BFB8E4FBD8C89DA810C6A0931C5A1AC@SHSMSX104.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox